GCVE - cpe:2.3:a:427bb:fourtwosevenbb:2.2.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:427bb:fourtwosevenbb:2.2.1:*:*:*:*:*:*:*

part: a version: 2.2.1 update: *

Vendor	427Bb (`e324d81f-4047-526c-8fdc-dda2b5d1747e`)
Product	Fourtwosevenbb (`59de288d-3eab-5831-8821-879e8c3534c4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-0155`	vulnerable	2026-06-03 14:27:15.320630	Details available Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI. Published: 2006-01-10T11:00:00.000Z Updated: 2024-08-07T16:25:33.652Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/421326/100/0/threaded http://www.osvdb.org/22276 http://secunia.com/advisories/18354 http://www.vupen.com/english/advisories/2006/0091 http://evuln.com/vulns/18/summary.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0154`	vulnerable	2026-06-03 14:27:15.320306	Details available SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter. Published: 2006-01-10T11:00:00.000Z Updated: 2024-08-07T16:25:34.029Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/421326/100/0/threaded http://secunia.com/advisories/18354 http://www.vupen.com/english/advisories/2006/0091 http://www.osvdb.org/22275 http://evuln.com/vulns/18/summary.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0153`	vulnerable	2026-06-03 14:27:15.319880	Details available 427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie. Published: 2006-01-10T11:00:00.000Z Updated: 2024-08-07T16:25:34.191Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/421326/100/0/threaded http://secunia.com/advisories/18354 http://www.vupen.com/english/advisories/2006/0091 https://exchange.xforce.ibmcloud.com/vulnerabilities/24038 http://evuln.com/vulns/18/summary.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0629`	vulnerable	2026-06-03 14:26:51.122140	Details available Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters. Published: 2005-03-04T05:00:00.000Z Updated: 2024-08-07T21:21:06.391Z Open on db.gcve.eu Reference links http://secunia.com/advisories/14434 http://www.securityfocus.com/bid/12693 http://marc.info/?l=bugtraq&m=110970911514167&w=2 http://securitytracker.com/id?1013337 https://exchange.xforce.ibmcloud.com/vulnerabilities/19546	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.